<html>
<head>


<script type="text/javascript" src="JSShield.js"></script>
<script type="text/javascript">
JSShield.Policy.AllowAlert  			= false;
JSShield.Policy.DoValidate				= true;
JSShield.Policy.SanitizeOnFailure 		= true;
JSShield.Policy.AllowXHR				= false;
JSShield.Policy.AllowPopups 			= false;
JSShield.Activate();
</script>

<script type="text/javascript">


function CreateIFrame(url) {
var ifr= document.createElement('iframe');
//ifr.style.visibility = 'hidden';
ifr.src = url;
ifr.style.width = ifr.style.height = 200;
document.body.appendChild(ifr);
}

function CreateLocalIFrame() {
	CreateIFrame("http://"+document.domain);
}

function Popup(a,b,c) {
	var t = window.open("http://"+document.domain,"popup", "width=320, height=240");
}

function sendXHR() {
	var xhr = null;
	
	if (window.XMLHttpRequest)
		xhr = new XMLHttpRequest();
	else if (window.createRequest)
		xhr = window.createRequest();
	else if (window.ActiveXObject) {
		try {
			xhr = new ActiveXObject('Msxml2.XMLHTTP');
		} catch (e) {
			try {
				xhr = new ActiveXObject('Microsoft.XMLHTTP');
			} catch (e) {}
		}
	}
	
	xhr.onreadystatechange = function () {
		if (xhr.readyState == 4) {
			alert(xhr.responseText);
		}
	}
	xhr.open("GET", "/");
	xhr.send();
}
</script>

</head>
<body>
<h1>This Page is hardened by JSShield</h1>
<a href="javascript:alert(0)">Alert()</a><br>
<a href="javascript:confirm(0)">Confirm()</a><br>
<a href="javascript:CreateLocalIFrame()">Internal IFrame</a><br>
<a href="javascript:CreateIFrame('http://www.google.de')">External IFrame</a><br>
<a href="javascript:window.location='http://www.google.de'">Redirect to Google</a><br>
<a href="javascript:Popup(40,40,'<html><body><h1>hallo</h1></body></html>')">Open a Popup</a><br>
<a href="javascript:sendXHR()">Send XML HTTP Request</a><br>

</body>
</html>